Bobbi-Jean MacKinnon reports: A Horizon Health Network employee has been fired after they “inappropriately accessed” the personal health information of 1,251 people at Charlotte County Hospital in St. Stephen, N.B., allegedly “out of curiosity.” In a statement, Horizon’s vice-president of quality and patient-centred care, Margaret Melanson, describes the situation as a “significant privacy breach.” Read…
Category: Non-U.S.
UK: ICO fines transgender charity for data protection breach exposing sensitive personal data
Bigger companies may pay bigger fines, but smaller fines do not mean smaller impact when it comes to dealing with sensitive information, as in this case. The Information Commissioner’s Office (ICO) has fined transgender charity Mermaids £25,000 for failing to keep the personal data of its users secure. The ICO’s investigation began after it received a…
Cyberattacks continue to interfere with vaccination efforts and municipal governments
Cyberattacks continue elsewhere as the two reports below show. One attack impacted the COVID-19 vaccination portal in the country of Georgia. An unrelated attack affected a municipality in Romania. Georgia Like many countries, Georgia has been dealing with a significant increase in number of new COVID cases after previously lifting some restrictions. On July 2,…
Sg: Spooked by website hacking, ad firm beefs up security, stops using default passwords
Kenny Chee reports: A simple, default password shared by employees was possibly the weak link that allowed hackers to break into advertising and creative agency Splash Productions‘ website and deface it. The incident, which happened about five to six years ago, was a wake-up call that spurred the company to drastically improve its cyber security…
NZ: Whanganui DHB apologizes after vaccine privacy breach
Mike Tweed reports: Whanganui District Health Board has apologised for a privacy breach that accidentally disclosed the email addresses of about 200 people. The health board has been inviting people in Group 3 for their Covid-19 vaccine via text, letter and email, but last week an email was sent without the use of the blind…
Norwegian DPA: Moss Municipal Council fined
The Norwegian Data Protection Authority has imposed a EUR 50,000 (NOK 500,000) fine on Moss Municipal Council for failing to adequately protect personal data. The error has been corrected and the case closed. In connection with the amalgamation of the municipalities of Rygge and Moss in January 2020, efforts were made to combine the use…